* [Analysis and Evaluation of Blockchain-based Self-Sovereign Identity Systems](https://wwwmatthes.in.tum.de/pages/hhh5oin2o5sw/Master-s-Thesis-Martin-Schaeffner) 2019-11-19 Martin Schaeffner
> The components of SSI will be described in detail, evaluated, and visualized in a components architecture. These include standards like decentralized identifiers (DIDs), verifiable credentials (VCs), and verifiable presentations (VPs). Further, the concepts of a decentralized public key infrastructure (DPKI) and a decentralized key management system (DKMS) are introduced. Additionally, this thesis deals in detail with the trust infrastructure of SSI.
>
> Additionally, this thesis focuses on SSI systems and their underlying DID methods. To provide an overview of existing identity systems, the SSI ecosystem is analyzed on its currently existing DID methods. Based on the presented DID methods, representative DID methods are selected and examined for further analysis and evaluation of the system. To analyze the DID methods and their systems, criteria are defined to emphasize the differences of each DID method. The results from the analysis are then used for evaluating the DID methods.
* [A Decentralized Digital Identity Architecture](https://www.frontiersin.org/articles/10.3389/fbloc.2019.00017/full) 2019-11-05 Geoff Goodell, Tomaso Aste
> Although this article shall focus on challenges related to identity systems for adult persons in the developed world, we argue that the considerations around data protection and personal data that are applicable in the humanitarian context, such as those elaborated by the International Committee of the Red Cross (Kuner and Marelli, 2017; Stevens et al., 2018), also apply to the general case. We specifically consider the increasingly commonplace application of identity systems “to facilitate targeting, profiling and surveillance” by “binding us to our recorded characteristics and behaviors” (Privacy International, 2019). Although we focus primarily upon the application of systems for digital credentials to citizens of relatively wealthy societies, we hope that our proposed architecture might contribute to the identity zeitgeist in contexts such as humanitarian aid, disaster relief, refugee migration, and the special interests of children as well.
* [Matching Identity Management Solutions to Self Sovereign Identity Solutions](https://www.linkedin.com/pulse/matching-identity-management-solutions-self-sovereign-tommy-koens) 2018-05-01 Tommy Koens
> We created an analysis of nearly 50 (blockchain based) digital identity management solutions, and matched these against Self Sovereign Identity (SSI) management principles and additional requirements. The document can be found here: [https://www.slideshare.net/secret/uafcwzQQWH86SW](https://www.slideshare.net/TommyKoens/matching-identity-management-solutions-to-selfsovereign-identity-principles)
* [A First Look at Identity Management Schemes on the Blockchain](https://arxiv.org/pdf/1801.03294.pdf) 2018-01-10 Paul Dunphy, Fabien A. P. Petitcolas
> The emergence of distributed ledger technology (DLT) based upon a blockchain data structure, has given rise to new approaches to identity management that aim to upend dominant approaches to providing and consuming digital identities. These new approaches to identity management (IdM) propose to enhance decentralisation, transparency and user control in transactions that involve identity information; but, given the historical challenge to design IdM, can these new DLTbased schemes deliver on their lofty goals? We introduce the emerging landscape of DLT-based IdM, and evaluate three representative proposals – uPort, ShoCard and Sovrin – using the analytic lens of a seminal framework that characterises the nature of successful IdM schemes
* [Self-sovereign Identity – Opportunities and Challenges for the Digital Revolution](https://arxiv.org/pdf/1712.01767.pdf) 2017-12-05 Uwe Der, Stefan Jähnichen, Jan Sürmeli
> The interconnectedness of people, services and devices is a defining aspect of the digital revolution, and, secure digital identities are an important prerequisite for secure and legally compliant information exchange. Existing approaches to realize a secure identity management focus on central providers of identities such as national authorities or online service providers. Hence, changing residence or service provider often means to start over and creating new identities, because procedures for data portability are missing. Self-sovereign digital identities are instead created and managed by individuals, and enable them to maintain their digital identities independent from residence, national eID infrastructure and market-dominating service providers.
* [IDENTITY MATTERS - A primer paper on the rise and relevance of Self-Sovereign Identity.](https://cboxxtest.files.wordpress.com/2017/09/cboxxidentitymatters04.pdf) 2017-09
> This list of 13 interesting projects / startups in the Self Sovereign Identity field should be treated as a starting point as of September 2017; it will be out of date when you read it ...
* [Blockchain for Identity Management](https://www.cs.bgu.ac.il/~frankel/TechnicalReports/2016/16-02.pdf) 2016-12-11 Ori Jacobovitz
> In this paper, I discusses the state of the art in Blockchain technology and its applications, focusing on applications and solutions in identity management
> A case study has been performed on a solution which allows the exchange of KYC attributes, resulting from thorough Customer Due Diligence (CDD) as is often performed when opening a bank account. These attributes can be used by other entities, like insurance companies and mortgage lenders to make their on-boarding process easier for customers, since they don’t need to supply copies of the same documentation all over again. Also, the companies themselves could outsource their Customer Due Diligence (CDD) this way to lower costs and make fewer errors. Although the idea is very interesting, the studied solution did not meet the expectations. At the time the company behind the solution was very small and the process to improve very complex. The solution was also proprietary, creating dependence on the vendor, which heightens the adoption barrier
* [Decentralizing Privacy: Using Blockchain to Protect Personal Data](http://web.media.mit.edu/~guyzys/data/ZNP15.pdf) 2015-03-02
> Personal data, and sensitive data in general, should not be trusted in the hands of third-parties, where they are susceptible to attacks and misuse. Instead, users should own and control their data without compromising security or limiting companies’ and authorities’ ability to provide personalized services. Our platform enables this by combining a blockchain, re-purposed as an access-control moderator, with an off-blockchain storage solution. Users are not required to trust any third-party and are always aware of the data that is being collected about them and how it is used. In addition, the blockchain recognizes the users as the owners of their personal data. Companies, in turn, can focus on utilizing data without being overly concerned about properly securing and compartmentalizing them.
* [Establishing Identity Without Certification Authorities](https://www.usenix.org/conference/6th-usenix-security-symposium/establishing-identity-without-certification-authorities) 1996
> There are many methods for establishing identity without using certificates from trusted certification authorities. The relationship between verifier and subject guides the choice of method. Many of these relationships have easy, straight-forward methods for binding a public key to an identity, using a broadcast channel or 1:1 meetings, but one relationship makes it especially difficult. That relationship is one with an old friend with whom you had lost touch but who appears now to be available on the net. You make contact and share a few exchanges which suggest to you that this is, indeed, your old friend. Then you want to form a secure channel in order to carry on a more extensive conversation in private. This case is subject to the man-in-the-middle attack. For this case, a protocol is presented which binds a pair of identities to a pair of public keys without using any certificates issued by a trusted CA.
* [Security without Identification: Transaction Systems to make Big Brother Obsolete](https://www.cs.ru.nl/~jhh/pub/secsem/chaum1985bigbrother.pdf) 1985 David Chaum
> With the new approach, an individual uses a different account number or “digital pseudonym” with each organization. Individuals will create all such pseudonyms by a special random process. Information further identifying the individual is not used. A purchase at a shop, for example, might be made under a one-time-use pseudonym; for a series of transactions comprising an ongoing relationship, such as a bank account, a single pseudonym could be used repeatedly. Although the pseudonyms cannot be linked, organizations will be able to ensure that the pseudonyms are not used improperly by such measures as limiting individuals to one pseudonym per organization and ensuring that individuals are held accountable for abuses created under any of their pseudonyms. Individuals will be able to authenticate ownership of their pseudonyms and use them while ensuring that they are not improperly used by others.
* [The Knowledge Complexity Of Interactive Proofs](https://dl.acm.org/doi/10.1145/22145.22178) 1985 Shafi Goldwasser, Silvio Micali, and Charles Rackoff
> In this paper a computational complexity theory of the “knowledge” contained in a proof is developed. Zero-knowledge proofs are defined as those proofs that convey no additional knowledge other than the correctness of the proposition in question. Examples of zero-knowledge proof systems are given for the languages of quadratic residuosity and 'quadratic nonresiduosity. These are the first examples of zero-knowledge proofs for languages not known to be efficiently recognizable.
* [Digital Identity: the current state of affairs](https://www.bbvaresearch.com/wp-content/uploads/2018/02/Digital-Identity_the-current-state-of-affairs.pdf) 2018-02 BBVA Research
> As public identities have been created by different authorities, and since a global public or private identity is not a realistic option in the short term, interoperability and the collaboration between different entities to offer complete solutions is decisive. In the long run, to become a trusted identity provider across different industries could represent a big business opportunity for financial institutions
> Decentralized identity is evolving into self-sovereign identity networks and verification services. While efforts are underway to establish standards for these ecosystems, technical professionals should identify processes that will be affected and plan for integration scenarios in coming years.
* [A Comprehensive Guide to Self Sovereign Identity](https://www.amazon.com/Comprehensive-Guide-Self-Sovereign-Identity-ebook/dp/B07Q3TXLDP) 2019-04-06 Kaliya Identity Woman Young and Heather Vescent [[Related](https://www.thepaypers.com/expert-opinion/10-things-you-need-to-know-about-self-sovereign-identity-part-1/774556)]
> Self Sovereign Identity technologies give individuals and companies the ability to control and manage their own digital identifiers. This technology is gaining momentum as it solves previously unsolvable challenges. With the emergence of SSI open standards, a new layer of the internet emerges for the identity of people and organizations. SSI represents a new paradigm -- it changes the identity game completely.